CVE-2026-23129

CWE-9117 documents7 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 96.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux LinuxLinux Linux Kernel
Timeline
PublishedFeb 14

Description

In the Linux kernel, the following vulnerability has been resolved: dpll: Prevent duplicate registrations Modify the internal registration helpers dpll_xa_ref_{dpll,pin}_add() to reject duplicate registration attempts. Previously, if a caller attempted to register the same pin multiple times (with the same ops, priv, and cookie) on the same device, the core silently increments the reference count and return success. This behavior is incorrect because if the caller makes these duplicate regist

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel6.76.12.68+2
CVEListV5linux/linux9431063ad323ac864750aeba4d304389bc42ca4edfec0501dba8f4711ef142a6a890e4812b7af88c+3
Debianlinux< 6.12.69-1+1

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-rp48-fq7w-35g6: In the Linux kernel, the following vulnerability has been resolved: dpll: Prevent duplicate registrations Modify the internal registration helpers d2026-02-14
OSV
CVE-2026-23129: In the Linux kernel, the following vulnerability has been resolved: dpll: Prevent duplicate registrations Modify the internal registration helpers dpl2026-02-14
CVEList
dpll: Prevent duplicate registrations2026-02-14

📋Vendor Advisories

2
Red Hat
kernel: Linux kernel: Denial of Service in DPLL framework due to duplicate pin registrations2026-02-14
Debian
CVE-2026-23129: linux - In the Linux kernel, the following vulnerability has been resolved: dpll: Preve...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23129 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23129 (MEDIUM CVSS 5.5) | In the Linux kernel | cvebase.io